imfreedom/k8s-cluster

Add the deployment for lists.imfreedom.org.

16 months ago, Gary Kramlich
22ca0a0280d4
Parents 44c74f4dc683
Children 58df72dc379a
Add the deployment for lists.imfreedom.org.

This is currently running at liststest.imfreedom.org until we are actually ready
to migrate the production stuff.
2 files changed, 142 insertions(+), 0 deletions(-)
  • +5 -0
    50-lists.imfreedom.org/kustomization.yaml
  • +137 -0
    50-lists.imfreedom.org/manifest.yaml
    • --- /dev/null Thu Jan 01 00:00:00 1970 +0000
    +++ b/50-lists.imfreedom.org/kustomization.yaml Wed Dec 21 02:31:59 2022 -0600
    @@ -0,0 +1,5 @@
    +---
    +namespace: imfreedom
    +resources:
    + - manifest.yaml
    +---
    --- /dev/null Thu Jan 01 00:00:00 1970 +0000
    +++ b/50-lists.imfreedom.org/manifest.yaml Wed Dec 21 02:31:59 2022 -0600
    @@ -0,0 +1,137 @@
    +---
    +apiVersion: traefik.containo.us/v1alpha1
    +kind: IngressRoute
    +metadata:
    + name: lists-http
    +spec:
    + entryPoints:
    + - http
    + routes:
    + - match: Host(`lists.imfreedom.org`) || Host(`liststemp.imfreedom.org`)
    + kind: Rule
    + services:
    + - name: lists
    + port: 80
    + middlewares:
    + - name: https-redirect
    +---
    +apiVersion: traefik.containo.us/v1alpha1
    +kind: IngressRoute
    +metadata:
    + name: lists-https
    +spec:
    + entryPoints:
    + - https
    + routes:
    + - match: Host(`lists.imfreedom.org`) || Host(`liststemp.imfreedom.org`)
    + kind: Rule
    + services:
    + - name: lists
    + port: 80
    + middlewares:
    + - name: common-headers
    + - name: hsts-headers
    + tls:
    + secretName: lists-tls
    +---
    +apiVersion: cert-manager.io/v1
    +kind: Certificate
    +metadata:
    + name: lists-tls
    +spec:
    + secretName: lists-tls
    + issuerRef:
    + name: letsencrypt
    + commonName: liststemp.imfreedom.org
    + dnsNames:
    + - liststemp.imfreedom.org
    +---
    +apiVersion: v1
    +kind: Service
    +metadata:
    + name: lists
    + labels:
    + app: lists
    +spec:
    + ports:
    + - port: 80
    + protocol: TCP
    + selector:
    + app: lists
    +---
    +apiVersion: networking.k8s.io/v1
    +kind: NetworkPolicy
    +metadata:
    + name: lists
    + labels:
    + app: lists
    +spec:
    + podSelector:
    + matchLabels:
    + app: lists
    + ingress:
    + - from:
    + - namespaceSelector:
    + matchLabels:
    + name: kube-public
    + podSelector:
    + matchLabels:
    + app: traefik
    + role: controller
    + ports:
    + - port: 80
    + protocol: TCP
    +---
    +apiVersion: policy/v1
    +kind: PodDisruptionBudget
    +metadata:
    + name: lists
    +spec:
    + minAvailable: 1
    + selector:
    + matchLabels:
    + app: lists
    +---
    +apiVersion: apps/v1
    +kind: Deployment
    +metadata:
    + name: lists
    + labels:
    + app: lists
    + keel.sh/policy: force
    + keel.sh/trigger: poll
    + annotations:
    + keel.sh/pollSchedule: "@every 30m"
    +spec:
    + replicas: 2
    + revisionHistoryLimit: 0
    + selector:
    + matchLabels:
    + app: lists
    + template:
    + metadata:
    + labels:
    + app: lists
    + spec:
    + topologySpreadConstraints:
    + # Spreads out pods over the nodes
    + - labelSelector:
    + matchLabels:
    + app: lists
    + maxSkew: 1
    + topologyKey: kubernetes.io/hostname
    + whenUnsatisfiable: DoNotSchedule
    + containers:
    + - name: lists
    + image: docker.io/imfreedom/list-archives:latest
    + imagePullPolicy: Always
    + ports:
    + - containerPort: 80
    + resources:
    + limits:
    + cpu: 50m
    + memory: 96Mi
    + requests:
    + cpu: 10m
    + memory: 64Mi
    +---